Privacy Policy

Updated on 01/09/2024

I. PRIVACY POLICY AND DATA PROTECTION

In accordance with the provisions of current legislation, Tradusling (hereinafter also referred to as the website) undertakes to adopt the necessary technical and organizational measures commensurate with the security level pertaining to the risk associated with the collected data.

Legislation to which this privacy policy adheres

This privacy policy adheres to current Spanish and European legislation governing the protection of personal data on the internet. These laws are as follows:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR).
  • Organic Law 3/2018, of 5 December 2018, on the protection of personal data and the guarantee of digital rights (LOPD-GDD).
  • Royal Decree 1720/2007, of 21 December 2007, approving the Regulation implementing Organic Law 15/1999, of 13 December 1999, on the protection of personal data (RDLOPD).
  • Law 34/2002, of 11 July 2002, on information society services and electronic commerce (LSSI-CE).

Identity of the data controller

The person responsible for processing the personal data collected by Tradusling (the Data Controller) is: Montserrat Soler Llopis, holding national ID document/CIF number 33944246H, whose contact details are as follows:
Address: C. Martí Masdeu, 15 – 08585 Montesquiu (BARCELONA)
Contact no: +34659659759
Contact email: tradusling@tradusling.com

Registration of personal data

In accordance with the provisions of the GDPR and the LOPD-GDD, you are hereby informed that the personal data collected by Tradusling by means of the forms on its website will be added to our files and processed in order to facilitate, expedite and fulfil the commitments undertaken between Tradusling and the user, to maintain the relationship established in the form/s completed by the user, and to respond to requests or queries from the user.

Likewise, in accordance with the provisions of the GDPR and the LOPD-GDD, unless the exception provided for in Article 30.5 of the GDPR applies, a record of processing activities will be maintained that specifies, in line with its stated purpose, the processing activities undertaken and any other circumstances established by the GDPR.

Principles applicable to the processing of personal data

The processing of the user’s personal data will be subject to the following principles as set forth in Article 5 of the GDPR and in Article 4 et seq. of Organic Law 3/2018, of 5 December 2018, on the protection of personal data and the guarantee of digital rights:

  • Principle of lawfulness, fairness and transparency: the user’s consent will be required at all times, subject to fully transparent information about the purposes for which the personal data is collected.
  • Principle of purpose limitation: personal data will be collected for specific, explicit and legitimate purposes.
  • Principle of data minimization: the personal data collected will only be those that are strictly necessary for the purposes for which they are processed.
  • Principle of accuracy: personal data must at all times be accurate, relevant, and up-to-date.
  • Principle of storage limitation: personal data may only be stored in such a way that they allow the identification of the user during the time necessary for the purpose/s of their processing.
  • Principle of integrity and confidentiality: personal data must be processed in such a way as to guarantee their security and confidentiality.
  • Principle of proactive responsibility: the data controller will be responsible for ensuring compliance with the above principles.

Categories of personal data

The only categories of data processed by Tradusling are identification data. Under no circumstances do we process special categories of personal data in the sense of Article 9 of the GDPR.

Legal basis for the processing of personal data

The legal basis for the processing of personal data is the user’s consent. Tradusling undertakes to obtain the express and verifiable consent of the user to the processing of their personal data for one or more specific purposes.

Users will have the right to withdraw their consent at any time. It will be as easy to withdraw consent as it was to give it. As a general rule, withdrawal of consent will not affect the use of the website.

On occasions when the user must, or can, provide their data through forms to make enquiries, request information, or for any other reasons related to the website content, they will be informed if the completion of any of these forms is mandatory because they are essential for the correct operation of the process concerned.

Intended purpose of personal data processing

Personal data is collected and managed by Tradusling in order to facilitate, expedite and fulfil the commitments established with the user through the website, to maintain the relationship established in the form/s completed by the user, and to respond to requests or queries from the user.

Likewise, the data may be used for the commercial purposes of personalization, operations and statistics, and for activities specific to the corporate purpose of Tradusling, as well as for data extraction and storage, and marketing studies to adapt the content offered to the user, as well as to improve the quality, operation and navigation of the website.

At the time that the personal data is obtained, the user will be informed about the specific purpose/s for which their personal data will be processed; in other words, how the information collected will be used.

Personal data retention periods

Personal data will only be retained for the minimum time necessary for the purpose of their processing and/or until the user requests their deletion.

At the time the personal data is obtained, the user will be informed of the period during which their personal data will be retained, or, if this is not possible, of the criteria used to determine this period of time

Recipients of personal data

The user’s personal data will not be shared with third parties.

Whatever the case, at the time the personal data is obtained, the user will be informed about the recipients or categories of recipients of their personal data.

Personal data of minors

In accordance with the provisions of Article 8 of the GDPR and Article 7 of Organic Law 3/2018, of 5 December 2018, on the protection of personal data and the guarantee of digital rights, only people over the age of 14 may give their consent for the lawful processing of their personal data by Tradusling. If the person is under 14 years of age, the consent of their parents or guardians will be required for data processing, and this will only be considered lawful to the extent that they have authorized it

Confidentiality and security of personal data

Tradusling undertakes to adopt the necessary technical and organizational measures, commensurate with the security level pertaining to the risk associated with the collected data, in order to guarantee the security of personal data and prevent the accidental or unlawful destruction, loss or alteration of the personal data transmitted, stored, or otherwise processed, or the unauthorized communication of, or access to, such data.

The website has an SSL certificate (Secure Socket Layer) which ensures that personal data is transmitted securely and confidentially. The transmission of data between the server and the user, including in feedback, is fully encrypted.

However, since Tradusling cannot guarantee the impregnability of the internet or the total absence of hackers or other fraudulent users of personal data, the data controller undertakes to notify users without undue delay when a breach of personal data security occurs that is likely to result in a high risk to the rights and freedoms of natural persons. In accordance with the provisions of Article 4 of the GDPR, a breach of personal data security is understood to be any security breach that leads to the accidental or unlawful destruction, loss or alteration of the personal data transmitted, stored, or otherwise processed, or the unauthorized communication of, or access to, such data.

Personal data will be treated as confidential by the data controller, who undertakes to inform everyone who is authorized to process these data in their workspace about this confidentiality, and to guarantee it by means of legal or contractual obligation.

Rights associated with personal data processing

Users have certain rights over the data collected by Tradusling and may therefore exercise the following rights before the Data Controller, which are recognized in the GDPR and in Organic Law 3/2018, of 5 December 2018, on the protection of personal data and guarantee of digital rights:

  • Right of access; this is the user’s right to obtain confirmation of whether or not Tradusling is processing their personal data and, if so, to obtain information about their specific personal data and the processing that Tradusling has conducted or is conducting, as well as the information available about the origin of these data and the recipients of communications made or planned for them, among others.
  • Right of rectification: users have the right to modify any of their personal data that turns out to be inaccurate, or which, in view of the purpose of the processing, may be incomplete.
  • Right to erasure (“the right to be forgotten”): provided that it is not established otherwise by current legislation, the user has the right for their personal data to be deleted when they are no longer necessary for the purposes for which they were collected and processed; when the user has withdrawn their consent to the processing and there is no other legal basis to retain the data; when the user objects to their processing and there is no other legitimate reason for it to continue; when the personal data have been processed unlawfully; when the personal data must be deleted in compliance with a legal obligation; and when the personal data have been obtained from a direct offer of information society services to a child under 14 years of age. In addition to deleting the data, the data controller, bearing in mind the available technology and the cost of its implementation, must take reasonable steps to inform those responsible for the data processing of the request for the deletion of any link to these personal data.
  • Right to restriction of processing: this refers to the user’s right to restrict the processing of their personal data. The user has the right to restrict this processing whenever they contest the accuracy of their personal data; when the processing is unlawful; when the data controller no longer needs their personal data, but the user does need them to make claims; and when the user has objected to the processing of their data.
  • Right to data portability: if the processing is done by automated means, users have the right to receive their data from the data controller in a structured, commonly used and machine-readable format, and to transmit them to another data controller. Whenever technically possible, the data controller will transmit the data directly to this other controller.
  • Right to object: it is the user’s right to object to their personal data being processed or to ask Tradusling to cease processing their personal data.
  • Right not to be subject to automated individual decisions, including profiling: it is the user’s right not to be subject to an individualized decision based solely on the automated processing of their personal data, including profiling, unless established otherwise by current legislation.

Consequently, the user may exercise their rights by sending a written notification to the data controller with the reference “RGPD-Tradusling”, specifying the following:

  • Name and surname/s of the user and a copy of their national ID document. In cases where representation is permitted, the same means of identification must be provided by the person representing the user, as well as the document accrediting their representation. A photocopy of the national ID document may be substituted by any other legally valid means of accrediting personal identity.
  • An explanation of the specific reasons for the request and the information to which access is sought.
  • Address for notification purposes.
  • Date and signature of the applicant.
  • Any other documentation that supports the request..

This request and any other attached documents should be sent to the following postal address or email address:

Postal address: C. Martí Masdeu, 15 – 08585 Montesquiu (BARCELONA)
Email address: tradusling@tradusling.com

Links to third-party websites

The website may include hyperlinks or links that allow access to third party websites other than Tradusling’s website, which are therefore not operated by Tradusling. The owners of these websites will have their own data protection policies; consequently, in each case, they are responsible for their own files and their own privacy practices.

Complaints to the supervisory authority

If the user considers that there is a problem with, or infringement of, current regulations in the way their personal data is being processed, they have the right to effective legal protection and to lodge a complaint with a supervisory authority, specifically in the State in which they have their regular residence, place of work, or place of the alleged infringement. In the case of Spain, the supervisory authority is the Spanish Data Protection Agency (https://www.aepd.es/).

II. ACCEPTANCE OF AND CHANGES TO THIS PRIVACY POLICY

It is necessary for users to have read and agreed to the conditions on the protection of personal data detailed in this privacy policy, and to have agreed to the processing of their personal data so the data controller can proceed in the manner, for the period of time, and for the purposes that are indicated therein. The use of the website implies the user’s acceptance of the privacy policy.

Tradusling reserves the right to modify its privacy policy at its own discretion or in accordance with a legislative, jurisprudential or doctrinal change dictated by the Spanish Data Protection Agency. Users will not be notified directly of any changes or updates to this privacy policy. They are therefore advised to consult this page on a regular basis to ensure they are aware of the latest changes or updates.

This privacy policy was updated to adapt to Regulation (EU) 2016/679 of the European Parliament and of the Council, of 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR) and to Organic Law 3/2018, of 5 December 2018, on the protection of personal data and the guarantee of digital rights